Hi all, I'm trying to create a passkey provider application and I can consistently register a passkey through 'prepareInterface(forPasskeyRegistration registrationRequest: ASCredentialRequest)' everywhere that accepts passkeys.
However, when I attempt to then use that passkey to sign in with 'provideCredentialWithoutUserInteraction(for credentialRequest: ASCredentialRequest)'
My code will work on some sites.. and not others. For instance: https://passkey.org/ and https://webauthn.io/ both work flawlessly.
But if I then try to do the same with Github, Uber, or Coinbase (really any application "in the wild") the assertion portion fails with a generic error like "This passkey can't be used anymore."
I've debugged every request and response object line by line and can't find a single difference between a site that works, and one that doesn't.. Does anyone know why this could be the case?
Here's my assertion code:
guard let request: ASPasskeyCredentialRequest = credentialRequest as? ASPasskeyCredentialRequest else { return }
// Following specs from here: https://www.w3.org/TR/webauthn/#sctn-signature-attestation-types
let hashedRp: [UInt8] = Array(SHA256.hash(data: Data(request.credentialIdentity.serviceIdentifier.identifier.data(using: .utf8) ?? Data([]))))
let flags:[UInt8] = [29] // 00011101 - only one that seems to work
let counter:[UInt8] = [0, 0, 0, 1] // just for testing, always the first for now until this works
let authData = hashedRp + flags + counter
let signature = try privateKey.signature( for: Data(authData + request.clientDataHash) )
let response: ASPasskeyAssertionCredential = ASPasskeyAssertionCredential(
userHandle: Data(request.credentialIdentity.user.utf8),
relyingParty: request.credentialIdentity.serviceIdentifier.identifier,
signature: signature.derRepresentation,
clientDataHash: request.clientDataHash,
authenticatorData: Data(authData),
credentialID: Data(credentialId.utf8)
)
extensionContext.completeAssertionRequest(using: response)
Any help would be very appreciated as I've been stuck on this for a while now.